Title: Trillian IRC Module Buffer Overflow Vulnerability
Severity: HIGH
Description:
Cerulean Studios Trillian is a chat program which incorporates various instant messenger programs into one interface. Trillian supports AIM, ICQ, Yahoo! Messenger, MSN Messenger and IRC.
A remotely exploitable buffer overflow condition has been reported in the Trillian IRC module. This issue is due to insufficient bounds checking of DCC Chat message length.
An attacker can exploit this vulnerability by sending a victim user a DCC Chat message of excessive length (4282+ characters). Doing so may cause stack variables in memory to be overwritten with attacker-supplied values. If the attacker can overwrite the return address of the vulnerable function in stack memory with a pointer to some embedded instructions, this will result in execution of arbitrary code.
This may also cause the Trillian client to crash, leading to a denial-of-service condition.
This vulnerability was reported for Cerulean Studios Trillian 0.73 and 0.72. It is not known whether other versions are affected.
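A bounds-checked receive path for line-oriented chat input, as an added example (not Trillian's code and not part of the original advisory): the reader never writes past a fixed buffer and drops any over-long line whole, even when it arrives split across several reads. `DCC_LINE_MAX`, `dcc_reader`, `dcc_line_cb` and `dcc_feed` are hypothetical names, and the 512-byte cap is an assumed value.

```c
#include <stddef.h>
#include <string.h>

#define DCC_LINE_MAX 512  /* assumed cap for this sketch, not a Trillian constant */

typedef struct {
    char     buf[DCC_LINE_MAX + 1]; /* +1 for the terminating NUL */
    size_t   len;                   /* bytes buffered for the current line */
    int      dropping;              /* 1 while discarding an over-long line */
    unsigned oversized;             /* rejected lines, for logging/alerting */
} dcc_reader;                       /* zero-initialise before first use */

typedef void (*dcc_line_cb)(const char *line, size_t len, void *ctx);

/* Feed one chunk read from the chat socket. Each complete line within the cap
 * goes to cb (may be NULL). A line that exceeds DCC_LINE_MAX is discarded up to
 * its newline and counted, so buf is never written past its end, however the
 * peer fragments the data. Returns the number of lines accepted. */
size_t dcc_feed(dcc_reader *r, const char *data, size_t n,
                dcc_line_cb cb, void *ctx)
{
    size_t accepted = 0;
    for (size_t i = 0; i < n; i++) {
        char c = data[i];
        if (c == '\n') {
            if (r->dropping) {
                r->dropping = 0;            /* end of the rejected line */
            } else {
                if (r->len > 0 && r->buf[r->len - 1] == '\r')
                    r->len--;               /* strip CR of a CRLF ending */
                r->buf[r->len] = '\0';
                if (cb) cb(r->buf, r->len, ctx);
                accepted++;
            }
            r->len = 0;
        } else if (r->dropping) {
            continue;                       /* still inside a rejected line */
        } else if (r->len == DCC_LINE_MAX) {
            r->dropping = 1;                /* cap hit: reject the whole line */
            r->oversized++;
            r->len = 0;
        } else {
            r->buf[r->len++] = c;           /* len < DCC_LINE_MAX here */
        }
    }
    return accepted;
}
```

A non-zero `oversized` counter is worth logging, since legitimate chat peers rarely send lines anywhere near the cap.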
Affected Products:
- Cerulean Studios Trillian 0.725.0
- Cerulean Studios Trillian 0.73.0
References:
- Cerulean Studios: Trillian Homepage